Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2011-0037
HistoryFeb 25, 2011 - 6:00 p.m.

CVE-2011-0037

2011-02-2518:00:01
CWE-20
microsoft
web.nvd.nist.gov
32
microsoft
malware protection
cve-2011-0037
nvd
security essentials
windows defender
forefront endpoint protection

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

19.5%

JSON

Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.

Affected configurations

Nvd
Node
microsoftforefront_client_security
OR
microsoftforefront_endpoint_protection_2010Match-
OR
microsoftmalicious_software_removal_tool
OR
microsoftmalware_protection_engineRange≀1.1.6502.0
OR
microsoftmalware_protection_engineMatch0.1.13.192
OR
microsoftmalware_protection_engineMatch1.1.3520.0
OR
microsoftsecurity_essentials
OR
microsoftwindows_defender
OR
microsoftwindows_live_onecare
VendorProductVersionCPE
microsoftforefront_client_security*cpe:2.3:a:microsoft:forefront_client_security:*:*:*:*:*:*:*:*
microsoftforefront_endpoint_protection_2010-cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:*:*:*:*:*:*:*
microsoftmalicious_software_removal_tool*cpe:2.3:a:microsoft:malicious_software_removal_tool:*:*:*:*:*:*:*:*
microsoftmalware_protection_engine*cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*
microsoftmalware_protection_engine0.1.13.192cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192:*:*:*:*:*:*:*
microsoftmalware_protection_engine1.1.3520.0cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0:*:*:*:*:*:*:*
microsoftsecurity_essentials*cpe:2.3:a:microsoft:security_essentials:*:*:*:*:*:*:*:*
microsoftwindows_defender*cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*
microsoftwindows_live_onecare*cpe:2.3:a:microsoft:windows_live_onecare:*:*:*:*:*:*:*:*

Related

cvelist 1
prion 1
nvd 1
seebug 1
nessus 1
cvelist
cvelist
CVE-2011-0037
2011-02-25 17:00:00
prion
prion
Code injection
2011-02-25 18:00:00
nvd
nvd
CVE-2011-0037
2011-02-25 18:00:01
seebug
seebug
Microsoft Products Malware Protection Engineζƒι™ζε‡ζΌζ΄ž
2011-03-02 00:00:00
nessus
nessus
MS KB2491888: Microsoft Malware Protection Engine (MMPE) Privilege Escalation
2011-02-25 00:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

19.5%

JSON
Related for CVE-2011-0037
cvelist1prion1nvd1seebug1nessus1